-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfluent-bit.conf
44 lines (39 loc) · 1.14 KB
/
fluent-bit.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
[SERVICE]
log_level debug
parsers_file parsers.conf
[INPUT]
Name forward
Listen 0.0.0.0
port 24224
[FILTER]
Name parser
Key_Name log
Match *
Parser docker
[FILTER]
Name modify
Match *
Remove_wildcard Cookie
Add product Awesome_Tool2
# avoid logging request cookies: https://github.com/fluent/fluent-bit/issues/2152#issuecomment-1774859832
#[FILTER]
# name lua
# match *
# call sanitize
# code function sanitize(tag, timestamp, record) if record["transaction"]["request"]["headers"]["Cookie"] ~= nil then record["transaction"]["request"]["headers"]["Cookie"] = nil end return 1, timestamp, record end
[OUTPUT]
Name es
Match **
Host es01
Port 9200
# When Logstash_Format is enabled, the Index name is composed using a prefix and the date
Logstash_Format True
Logstash_Prefix logs
Suppress_Type_Name On
HTTP_User elastic
HTTP_Passwd bsides
# Alternative time key, useful if your log entries contain an @timestamp field that is used by Elasticsearch
# Time_Key es_time
# If your Elasticsearch is using TLS, configure this
tls On
tls.verify Off